Improving URLs for Oracle GoldenGate Microservices using a Reverse Proxy

Oracle GoldenGate finally has a GUI/Web Page interface to work with the product. This has been a long over due and welcomed feature that was initally released with Oracle GoldenGate Microservices in 12.3. Since 12.3 and through 19.1, the Oracle GoldenGate team has been preaching the simplicity and securty benefits of using a reverse proxy to simplify the URLs that are used with Oracle GoldenGate Microservices. Afterall, using a reverse proxy is a great way to simplify the architecture and allow you quick access to resources using shorter URLs.

After setting up Oracle GoldenGate Microservices, you can access the ServiceManage by using a URL that looks like:

http(s)://<host>:<port>

In my environment, this URL would look like this:

https://localhost:16000


 

As you can tell, I can get to the ServiceManager page on port 16000 (you set the port, we don’t set default ports although we tell people 9000). Which is easy to access, but how would I access any of the other services provided by Oracle GoldenGate Microservices? The URLs to access the other services would just require changing the port number.

In my envionrment, I would just use URLs like this:

https://localhost:16001 <- Administration Service
https://localhost:16002 <- Distribution Service
https://localhost:16003 <- Receiver Service
https://localhost:16004 <- Performance Metric Service

Not very elegant and who wants to remember port numbers? Especially when you may have multiple deployments on a single host. Much less asking your firewall admin to open ports…we all know how those grumpy bears are! How can we improve on this? The answer is simple, just use a reverse proxy to consolidate ports down to a single, standard port.

To make this easier to setup, we provide a utility when you install Oracle GoldenGate Microservices called ReverseProxySettings. This file can be found in the Oracle GoldenGate Microservices Home ($OGG_HOME/lib/utl/reverseproxy). This utility will do the initial configuration of an Nginx Reverse Proxy and allow access to a single port. The default port that is used is HTTPS (443).

To implement the Nginx Reverse Proxy, you first have to install NGINX. This done by pulling it from your Linux yum repository.

yum -y install nginx

 

After installing Nginx, then you will need to run the ReverseProxySettings utility. The utility requires the following items:

Oracle GoldenGate ServiceManager Login – This is the “security” role user
Password for the security role user
URL with port number for the ServiceManager

To run the script, it would look something similar to this:

cd $OGG_HOME/lib/utl/reverseproxy
./ReverseProxySettings -u oggadmin -P ********* -o ogg.conf https://localhost:16000

 

The ogg.conf file will be created in the directory where you ran the RegisterProxySettings script. This is the configuration file for Nginx Reverse Proxy. You can also use this file to model other reverse proxies, but Oracle is only going to support the Nginx version.

Once you ahve the ogg.conf file, you need to either be root or have sudo access to configure the Reverse Proxy. In this example, I’m using the sudo approach as the Oracle user.

To configure the Nginx Reverse Proxy, perform the following steps:

sudo cp ogg.conf /etc/nginx/conf.d/nginx.conf
sudo sh /etc/ssl/certs/make-dummy-cert /etc/nginx/ogg.pem
sudo nginx
sudo nginx -t
sudo nginx -s reload

 

After configuring the Reverse Proxy and starting the processes, you will be able ot access the ServiceManager without the port number. In this example, that would be:

https://localhost

Notice that the URL is shorter due to the port number being gone. Yes, I know it says it is un-secure, but that is due to the certficicate for the localhost. The enviornment is still encrypted between source -and-target. Will write another post at some point on how to fix that 🙂

 

Where the reall benefit of these short URLs while using the Reverse Proxy is with the deployments. Typically when you want to access a deployment, you would need to do something like this:

https://localhost:16001

With the Reverse Proxy, I can now bypass the port number and drill directly down into the deployment I would like to use. Check this out:

https://localhost/Atlanta/adminsrvr

This URL will take me directly to the Adminsitration Service for the Atlanta deployment.

With simplified URLs, I can easily administror Oracle GoldenGate from any remote location using the web pages without needing to remember port numbers. Which greatly simplifys the footprint of Oracle GoldenGate. Additionally, your firewall administrators will love you for making their life easier!

Enjoy!!!

Please follow and like:
Comments
  • Wonderful work! That is the type of info that should be shared
    around the internet. Shame on the search engines for now not
    positioning this publish upper! Come on over and seek advice from my web site .
    Thanks =)

  • Hey would you mind letting me know which webhost you’re utilizing?
    I’ve loaded your blog in 3 different browsers and I must say this blog loads a lot faster then most.

    Can you suggest a good web hosting provider at a honest price?
    Many thanks, I appreciate it!

  • Nice post. I learn something new and challenging on blogs I stumbleupon on a daily basis.
    It will always be helpful to read through articles from other writers and practice a
    little something from other sites.

  • This is really interesting, You’re a very skilled blogger.
    I have joined your rss feed and look forward to seeking more of your fantastic post.
    Also, I’ve shared your website in my social networks!

  • Its like you read my mind! You appear to know a lot about this, such as you wrote the ebook in it or something.
    I think that you simply can do with some percent to pressure the message house a little bit, but instead of that, this is excellent blog.
    A great read. I’ll definitely be back.

  • I have to thank you for the efforts you have put in writing this
    website. I’m hoping to see the same high-grade blog posts from you in the future as
    well. In fact, your creative writing abilities has motivated me to get my own, personal website now 😉

  • I’m not sure why but this weblog is loading extremely slow for me.
    Is anyone else having this issue or is it a issue on my end?
    I’ll check back later on and see if the problem still exists.

  • Thanks for another magnificent article. The place else could anyone
    get that type of information in such an ideal manner of writing?
    I’ve a presentation subsequent week, and
    I am on the search for such info.

Leave a Reply

Your email address will not be published. Required fields are marked *

Enquire now

Give us a call or fill in the form below and we will contact you. We endeavor to answer all inquiries within 24 hours on business days.